Free Dark Web Report from Experian – Part Three

On Monday and Wednesday we took an in depth look at the free dark web scan being offered by Experian.  As we found out on Wednesday, I was not too impressed with the results of the free scan.  Better information is available from HaveIBeenPwned.com.

What is Experian really offering?  The free scan just looked for the email address I provided, the ...

Continue Reading →
0

Free Dark Web Report from Experian – Part Two

On Monday we started an investigation into the free dark web scan that is being offered by credit agency Experian.  Again, this is NOT Equifax, who breached our information last year.  This is a different credit agency.

When we ran the free scan on Experian, they found three results.  But I knew there was more to find, because I had already ...

Continue Reading →
0

Free Dark Web Report from Experian – Part One

I caught an ad on TV the other night that made me curious.  Experian is offering a “free dark web report,”  ostensibly to see if any of your personal data is for sale on the Dark Web.  Well I don’t really need a test to tell me that.  Since the Equifax breach, I am pretty sure all of us have information for sale ...

Continue Reading →
0

Privileged Accounts Are Poorly Managed

Privileged accounts, typically administrator accounts, are the all powerful user accounts who can do anything on a computer, server, network, or domain.  These are the top targets for cyber-criminals and other malicious hackers.  And they generally are poorly managed.  Here are some common mistakes we see when conduction security reviews for clients.

  • Domain, Network, and Server Administrators – These accounts are often used as ...
Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Made a Fortune in BitCoin?  Be careful who you tell.

From Naked Security – Crypto Coins Robbed at Gunpoint.

Good old fashioned stick-ups still a possibility.


Watch out – fake support scams are alive and well this Christmas

Fake support scams – where the crooks help you “remove” malware you don’t have – are still a real ...

Continue Reading →
0

Blocking Is Not Just For Football-Part 2

On Wednesday we looked at IP blocking and geo-blocking as cybersecurity tactics.  Today we finish our review of blocking techniques with sender blocking and domain blocking.

Sender Blocking

Many of us are familiar with sender blocking.  Blocking an email sender, and adding them to our sender blacklist, is one of the ways that spam and phishing email filtering works.  Modern spam filters also analyze content and subject ...

Continue Reading →
0

Blocking Is Not Just For Football

Blocking is used in football to prevent the opposing defense from tackling your quarterback or running back.  In cybersecurity, blocking can be used to prevent attacks from malicious sources.  Today  and Friday we will look at several blocking tactics:  IP blocking, geo-blocking, sender blocking, and domain blocking.

IP Blocking

Every time your computer connects to another computer or web server, there is an exchange of information that happens, including an exchange of IP ...

Continue Reading →
0

Huge Worldwide WordPress Brute Force Attack

The rare Tuesday post, but this couldn’t wait.  If you are running a WordPress site, you need to know this.  This was just released by WordFence.

“Early this morning our team was woken up by systems alerts letting us know that we needed to scale up our attack logging capacity. The number of WordPress attacks we were monitoring per hour had ...

Continue Reading →
0

Hidden Web Cams in Airbnb Rentals and Hotel Rooms?

If you are traveling for the holidays, here is something else to watch for – the hidden web camera.  If you are staying at an Airbnb, or even a traditional hotel or motel over the holidays, be aware that there have been incidents where web cams have been found in the rooms.  Often they are disguised as other devices, such as the “motion ...

Continue Reading →
0

Fileless Malware Poses New Threat

There is a new threat appearing on corporate and personal networks called “fileless malware.”  It can sneak by traditional signature recognition endpoint security programs.  It is able to hide and stay resident by using trusted operating system and software application files to run the exploit.

Fileless malware exploits are estimated to comprise almost 30% of new exploits, and that percentage is rising as cyber-crime group move to this newer technology.  Fileless malware exploits are being target at financial institutions and other ...

Continue Reading →
0
Page 5 of 21 «...34567...»